HTML Injection Vulnerability in HCL MyXalytics by HCL Technologies
CVE-2025-52654

4.6MEDIUM

Key Information:

Vendor
CVE Published:
3 October 2025

What is CVE-2025-52654?

A vulnerability exists in HCL MyXalytics that allows attackers to inject unauthorized HTML into the application. This could lead to various security risks, including cross-site scripting (XSS) attacks, which could compromise user data and application integrity. It's crucial for users and administrators of HCL MyXalytics 6.6 to be aware of this vulnerability and implement recommended security measures to mitigate associated risks.

Affected Version(s)

HCL MyXalytics 6.6

References

CVSS V3.1

Score:
4.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-52654 : HTML Injection Vulnerability in HCL MyXalytics by HCL Technologies